Implementation of the Galois Counter Mode (GCM). More...
#include <GCM.h>
Public Member Functions | |
| GCM () | |
| Constructs a new GCM object for the block cipher T. | |
 Public Member Functions inherited from GCMCommon | |
| virtual | ~GCMCommon () |
| Destroys this cipher object after clearing sensitive information. | |
| size_t | keySize () const |
| Default size of the key for this cipher, in bytes. More... | |
| size_t | ivSize () const |
| Size of the initialization vector for this cipher, in bytes. More... | |
| size_t | tagSize () const |
| Returns the size of the authentication tag. More... | |
| bool | setKey (const uint8_t *key, size_t len) |
| Sets the key to use for future encryption and decryption operations. More... | |
| bool | setIV (const uint8_t *iv, size_t len) |
| Sets the initialization vector to use for future encryption and decryption operations. More... | |
| void | encrypt (uint8_t *output, const uint8_t *input, size_t len) |
| Encrypts an input buffer and writes the ciphertext to an output buffer. More... | |
| void | decrypt (uint8_t *output, const uint8_t *input, size_t len) |
| Decrypts an input buffer and writes the plaintext to an output buffer. More... | |
| void | addAuthData (const void *data, size_t len) |
| Adds extra data that will be authenticated but not encrypted. More... | |
| void | computeTag (void *tag, size_t len) |
| Finalizes the encryption process and computes the authentication tag. More... | |
| bool | checkTag (const void *tag, size_t len) |
| Finalizes the decryption process and checks the authentication tag. More... | |
| void | clear () |
| Clears all security-sensitive state from this cipher. More... | |
| Public Member Functions inherited from AuthenticatedCipher | |
| AuthenticatedCipher () | |
| Constructs a new authenticated cipher. | |
| virtual | ~AuthenticatedCipher () |
| Destroys this authenticated cipher. | |
| Public Member Functions inherited from Cipher | |
| Cipher () | |
| Constructs a new cipher object. | |
| virtual | ~Cipher () |
| Destroys this cipher object. More... | |
Additional Inherited Members | |
| Protected Member Functions inherited from GCMCommon | |
| GCMCommon () | |
| Constructs a new cipher in GCM mode. More... | |
| void | setBlockCipher (BlockCipher *cipher) |
| Sets the block cipher to use for this GCM object. More... | |
Detailed Description
template<typename T>
class GCM< T >
Implementation of the Galois Counter Mode (GCM).
GCM mode converts a block cipher into an authenticated cipher that uses the block cipher T to encrypt and GHASH to authenticate.
The size of the key is determined by the underlying block cipher T. The IV is recommended to be 96 bits (12 bytes) in length, but other lengths are supported as well. The default tagSize() is 128 bits (16 bytes) but the GCM specification does allow other tag sizes: 32, 64, 96, 104, 112, 120, or 128 bits (4, 8, 12, 13, 14, 15, or 16 bytes).
The template parameter T must be a concrete subclass of BlockCipher indicating the specific block cipher to use. The block cipher must have a block size of 128 bits. For example, the following creates a GCM object using AES256 as the underlying cipher and then uses it to encrypt and authenticate a plaintext block:
The decryption process is almost identical to convert a ciphertext and tag back into plaintext and then check the tag:
The GCM class can also be used to implement GMAC message authentication by omitting the plaintext:
References: NIST SP 800-38D, http://en.wikipedia.org/wiki/Galois/Counter_Mode
The documentation for this class was generated from the following files:
